I don't want this to happen, so I need to know how to stop ISPConfig from being accessible on port 80 OR if that cannot be done, give the ISPConfig interface itself protection using .htaccess (which I tried and failed to do even though it is working fine for client sites).

Thanks for your fast reply, unfortunately, it doesn't seem to work. Even when I remove the Allow from line, I can still access the site. I tried changing AllowOverride to All on all the sections, but that didn't help. Am I missing something?

I did try the allow line too. This is strange, I am sure that I have the correct vhost file (the virtual domains' vhost file are all contained there too). Really annoying how it works for you but not for me! Anthing else I need to do?